Douglas Obanyi Senior IT Consultant

Worcester, MA Tel: 678-***-**** ad1y15@r.postjobfree.com

Summary

IT Auditor with years of experience in reviewing and testing IT General Controls (ITGC), IT Application Controls (ITAC) and Security Controls. Experience with IT Audit projects such as Sarbanes-Oxley (SOX), Service Organization Control (SOC) Review, Cyber Security Audit in line with ISO 27001 and NIST frameworks.

Professional Experience

Aspinwood Consulting, Dover, DE 10/2021 - Present IT Auditor

Review IT General Controls (ITGC) and IT Application Controls (ITAC) on various Applications, Databases, and Operating systems.

Conduct systems & applications walkthrough to understand the end-to-end process and control activities.

Prepare and review current and past audit work papers, write-ups, and memos.

Participate in qualitative and quantitative risk assessment of newly scoped applications.

Participate in all phases of IT Audit projects – Planning, Fieldwork, Reporting and Follow-up.

Obtain, analyze, and evaluate audit evidence in support of control testing.

Report audit findings to management and other stakeholders.

Provide recommendation on resolving control issues or implementing controls.

Collaborated with issue owners towards the timely remediation of deficiencies.

Participate in annual audit program planning.

Work with application owners and external auditors towards the successful completion of the audit.

United Group of Companies, Atlanta, GA 05/2019 – 10/2021 Associate IT Auditor

Evaluated the adequacy of internal controls and compliance with company policies and procedures during walkthroughs.

Supported in the testing of business processes and related controls.

Document walkthrough details and followed-up with application owners on evidence gathering.

Provided recommendation to IT personnel on control design and effectiveness.

Test controls in support of operations and compliance audit.

Documented risks associated with in-house applications and commercial applications.

Monitored the implementation of deficiencies remediation effort to ensure that deficiencies were effectively remediated within agreed timelines.

United Group of Companies, Atlanta, GA 08/2017 – 04/2019 Compliance Analyst

Evaluated and tested business processes and related controls and identified areas of risk.

Planned and executed compliance testing programs and communicated compliance testing results.

Prepared documentation in accordance with established policies and standards.

Identified and document regulatory compliance controls.

Performed quarterly reviews of user access.

Support various internal control and risk functions.

Worked with external auditors and inspectors from regulatory agencies in testing physical security controls.

Ensured key regulations and key regulatory changes are captured in assigned testing programs.

Take immediate remedial action in case of non-compliance with the regulations.

Initiated process improvements and more efficient ways to deliver value to our businesses.

Demonstrated leadership skills by providing on-the-job coaching and, at times, supervising the work of less experienced colleagues.

Kenya Sea Turtle Trust, Nairobi, Kenya 07/2007 – 08/2017 Auditor

Documented requirements, business cases, project charters, stakeholder impact assessments, and process documents.

Coordinated meetings, work with sponsors, vendors, project managers and subject matter experts to ensure successful completion of the project.

Prepared thorough and accurate technical and business management reports, effective correspondence, accurate documentation, and easily understandable presentations.

Project coordination & execution role for Plan and Define as part of the System Development process.

Supported and educated the Product Owner in respect to refining and ordering the product

backlog.

Communicated effectively with all departments, including senior management, to ensure all finances were up to date.

Education

Bachelor of Commerce - Business Administration Systems, University of Nairobi, Kenya.

Certifications

Certified Information Systems Auditor (CISA)

Technical Skills

●COBIT, FISCAM, NIST SP 800-Series, SSAE 18, SOX, SOC, COSO, PCI DSS, HITRUST, HIPAA, OMB Circular A-123, and ISO Standards.

Contact this candidate